Download
| Alert*
|
oval:org.secpod.oval:def:600797
It was discovered that Mahara, the portfolio, weblog, and resume builder, had an insecure default with regards to SAML-based authentication used with more than one SAML identity provider. Someone with control over one IdP could impersonate users from other IdP"s. oval:org.secpod.oval:def:600935 Multiple security issues have been found in Mahara - an electronic portfolio, weblog, and resume builder -, which can result in cross-site scripting, clickjacking or arbitrary file execution. |
